[FEATURE] Include darwin based binaries for OSX (#814)

Build and publish binary artifacts for Authelia which can be run directly from OSX.

.buildkite/annotations/artifacts

@@ -21,4 +21,11 @@
       <a href="artifact://authelia-linux-arm64v8.tar.gz.sha256">authelia-linux-arm64v8.tar.gz.sha256</a>
     </dd>
   </div>
+  <div class="m1">
+      <dt>darwin</dt>
+      <dd>
+        <a href="artifact://authelia-darwin-amd64.tar.gz">authelia-darwin-amd64.tar.gz</a><br>
+        <a href="artifact://authelia-darwin-amd64.tar.gz.sha256">authelia-darwin-amd64.tar.gz.sha256</a>
+      </dd>
+    </div>
 </dl>

.buildkite/hooks/pre-artifact

@@ -8,11 +8,17 @@ if [[ $BUILDKITE_LABEL =~ ":docker: Build Image" ]]; then
   echo "--- :docker: Saving artifacts for :buildkite: :docker: :github: releases"
   # Save binary for buildkite and github artifacts
   docker create --name authelia-binary ${DOCKER_IMAGE}:latest
-  docker cp authelia-binary:/usr/app/authelia ./authelia-linux-"${ARCH}"
+  docker cp authelia-binary:/usr/app/authelia ./authelia-"${OS}"-"${ARCH}"
   docker cp authelia-binary:/usr/app/public_html ./
   docker rm -f authelia-binary
-  tar -czf authelia-linux-"${ARCH}".tar.gz authelia-linux-"${ARCH}" authelia.service config.template.yml public_html
-  sha256sum authelia-linux-"${ARCH}".tar.gz > authelia-linux-"${ARCH}".tar.gz.sha256
-  # Saving image for push to docker hub
-  docker save ${DOCKER_IMAGE} | zstdmt -T0 -12 > authelia-image-"${ARCH}".tar.zst
+  if [[ $OS == "linux" ]]; then
+    tar -czf authelia-"${OS}"-"${ARCH}".tar.gz authelia-"${OS}"-"${ARCH}" authelia.service config.template.yml public_html
+  else
+    tar -czf authelia-"${OS}"-"${ARCH}".tar.gz authelia-"${OS}"-"${ARCH}" config.template.yml public_html
+  fi
+  sha256sum authelia-"${OS}"-"${ARCH}".tar.gz > authelia-"${OS}"-"${ARCH}".tar.gz.sha256
+  # Saving image for push to docker hub, darwin image is not required as OSX utilses linux manifests
+  if [[ $BUILDKITE_LABEL != ":docker: Build Image [darwin]" ]]; then
+    docker save ${DOCKER_IMAGE} | zstdmt -T0 -12 > authelia-image-"${ARCH}".tar.zst
+  fi
 fi

.buildkite/hooks/pre-command

@@ -16,5 +16,5 @@ if [[ $BUILDKITE_LABEL =~ ":docker: Deploy Image" ]]; then
 fi
 
 if [[ $BUILDKITE_LABEL == ":github: Deploy Artifacts" ]]; then
-  buildkite-agent artifact download "authelia-linux-*" .
+  buildkite-agent artifact download "authelia-*-*.tar.gz*" .
 fi

.buildkite/pipeline.sh

@@ -44,6 +44,6 @@ steps:
   - label: ":chrome: Integration Tests"
     command: ".buildkite/steps/e2etests.sh | buildkite-agent pipeline upload"
     depends_on:
-      - "build-docker-amd64"
+      - "build-docker-linux-amd64"
     if: build.branch !~ /^(master)|(v[0-9]+\.[0-9]+\.[0-9]+)$\$/ && build.env("CI_BYPASS") != "true"
-EOF
+EOF

.buildkite/steps/buildimages.sh

@@ -1,18 +1,38 @@
 #!/bin/bash
 set -eu
 
-for BUILD_ARCH in amd64 arm32v7 arm64v8; do
+declare -A BUILDS=(["linux"]="amd64 arm32v7 arm64v8" ["darwin"]="amd64")
+
+for BUILD_OS in "${!BUILDS[@]}"; do
+  for BUILD_ARCH in ${BUILDS[$BUILD_OS]}; do
+if [[ "${BUILD_OS}" == "darwin" ]]; then
+cat << EOF
+  - label: ":docker: Build Image [${BUILD_OS}]"
+    command: "authelia-scripts docker build --arch=${BUILD_OS}"
+EOF
+else
 cat << EOF
   - label: ":docker: Build Image [${BUILD_ARCH}]"
     command: "authelia-scripts docker build --arch=${BUILD_ARCH}"
+EOF
+fi
+cat << EOF
     agents:
       build: "true"
     artifact_paths:
+EOF
+if [[ "${BUILD_OS}" == "linux" ]]; then
+cat << EOF
       - "authelia-image-${BUILD_ARCH}.tar.zst"
-      - "authelia-linux-${BUILD_ARCH}.tar.gz"
-      - "authelia-linux-${BUILD_ARCH}.tar.gz.sha256"
+EOF
+fi
+cat << EOF
+      - "authelia-${BUILD_OS}-${BUILD_ARCH}.tar.gz"
+      - "authelia-${BUILD_OS}-${BUILD_ARCH}.tar.gz.sha256"
     env:
       ARCH: "${BUILD_ARCH}"
-    key: "build-docker-${BUILD_ARCH}"
+      OS: "${BUILD_OS}"
+    key: "build-docker-${BUILD_OS}-${BUILD_ARCH}"
 EOF
+  done
 done

.buildkite/steps/ghartifacts.sh

@@ -6,7 +6,8 @@ artifacts=()
 for FILES in \
   authelia-linux-amd64.tar.gz authelia-linux-amd64.tar.gz.sha256 \
   authelia-linux-arm32v7.tar.gz authelia-linux-arm32v7.tar.gz.sha256 \
-  authelia-linux-arm64v8.tar.gz authelia-linux-arm64v8.tar.gz.sha256;
+  authelia-linux-arm64v8.tar.gz authelia-linux-arm64v8.tar.gz.sha256 \
+  authelia-darwin-amd64.tar.gz authelia-darwin-amd64.tar.gz.sha256;
 do
   artifacts+=(-a "${FILES}")
 done

Dockerfile.darwin

@@ -0,0 +1,62 @@
+# =======================================
+# ===== Build image for the backend =====
+# =======================================
+FROM golang:1.14.0-alpine AS builder-backend
+
+ARG BUILD_TAG
+ARG BUILD_COMMIT
+
+# cross-compiler is required for building go-sqlite3
+RUN apk --no-cache add clang-dev curl gcc musl-dev && \
+    curl -Lfs -o /tmp/osxcross-darwin-linux.tar.xz "https://nerv.com.au/authelia-ci/osxcross-darwin-linux.tar.xz" && \
+    tar xf /tmp/osxcross-darwin-linux.tar.xz -C /
+
+WORKDIR /go/src/app
+
+COPY go.mod go.sum ./
+
+RUN go mod download
+
+COPY cmd cmd
+COPY internal internal
+
+# Set the build version and time
+RUN echo "Write tag ${BUILD_TAG} and commit ${BUILD_COMMIT} in binary." && \
+    sed -i "s/__BUILD_TAG__/${BUILD_TAG}/" cmd/authelia/constants.go && \
+    sed -i "s/__BUILD_COMMIT__/${BUILD_COMMIT}/" cmd/authelia/constants.go
+
+# CGO_ENABLED=1 is mandatory for building go-sqlite3
+RUN cd cmd/authelia && \
+GOOS=darwin GOARCH=amd64 CGO_ENABLED=1 CC=o64-clang go build -tags netgo -ldflags '-w -linkmode external' -trimpath -o authelia
+
+# ========================================
+# ===== Build image for the frontend =====
+# ========================================
+FROM node:12-alpine AS builder-frontend
+
+WORKDIR /node/src/app
+COPY web .
+
+# Install the dependencies and build
+RUN yarn install --frozen-lockfile && yarn build
+
+# ===================================
+# ===== Authelia official image =====
+# ===================================
+FROM alpine:3.11.3
+
+RUN apk --no-cache add ca-certificates tzdata
+
+WORKDIR /usr/app
+
+COPY --from=builder-backend /go/src/app/cmd/authelia/authelia ./
+COPY --from=builder-frontend /node/src/app/build public_html
+
+EXPOSE 9091
+
+VOLUME /etc/authelia
+VOLUME /var/lib/authelia
+
+ENV PATH="/usr/app:${PATH}"
+
+CMD ["./authelia", "--config", "/etc/authelia/configuration.yml"]

cmd/authelia-scripts/cmd_docker.go

@@ -14,7 +14,7 @@ import (
 
 var arch string
 
-var supportedArch = []string{"amd64", "arm32v7", "arm64v8"}
+var supportedArch = []string{"amd64", "arm32v7", "arm64v8", "darwin"}
 var defaultArch = "amd64"
 var buildkiteQEMU = os.Getenv("BUILDKITE_AGENT_META_DATA_QEMU")
 var ciBranch = os.Getenv("BUILDKITE_BRANCH")

go.mod

@@ -16,7 +16,6 @@ require (
 	github.com/go-ldap/ldap/v3 v3.1.8
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/golang/mock v1.4.3
-	github.com/golang/snappy v0.0.1 // indirect
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
 	github.com/kr/pty v1.1.8 // indirect
 	github.com/lib/pq v1.3.0
@@ -32,10 +31,8 @@ require (
 	github.com/spf13/viper v1.6.2
 	github.com/stretchr/testify v1.5.1
 	github.com/tebeka/selenium v0.9.9
-	github.com/tidwall/pretty v1.0.0 // indirect
 	github.com/tstranex/u2f v1.0.0
 	github.com/valyala/fasthttp v1.9.0
-	github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c // indirect
 	github.com/xdg/stringprep v1.0.0 // indirect
 	go.mongodb.org/mongo-driver v1.3.1
 	google.golang.org/appengine v1.6.5 // indirect